How safe are you from cyber attacks?

A report by Kaspersky says India ranks fourth in the list of hacked servers available for sale via xDedic marketplace, which listed 3,488 Indian servers for sale as of May 2016.Aashika Jain | ET Online | June 23, 2016, 09:08 IST

Individuals are vulnerable to cyber attacks such as cyber-stalking, dissemination of obscene material, defamation, carding, cheating and fraud and cracking.

A recent report of Counterpoint, a technology market research firm, says rising smartphone sales in India will drive the number of smartphone users from a quarter of a billion to more than half a billion or about 55% of the total population. With the surge in the number of individuals accessing the Internet to carry out a host of activities ranging from social media to financial transactions, it is extremely important to figure out their readiness to tackle various cyber security threats.

"If we forget to secure activities done through the Internet now, there will be chaos and losses resulting in nothing less than tragedies, "IBM Security's business unit executive, Vaidyanathan Iyer told ET last week. (hyperlink: http://bit.ly/1YnyBq6) Iyer told ET that India's share in cyber crimes is miniscule at the moment, in the range of $4-5 billion per year, compared with a global impact in the range of up to half a trillion dollars per year. But, cyber attacks are increasing in the country with each passing day.

The threat is realIn India, cyber threats fall in two categories. One, a computer is used to attack another computer via hacking, virus attacks, DOS attack, and so on. Two, the computer is used as a weapon to commit real world crimes like cyber terrorism, IPR violations, credit card frauds, EFT frauds, and pornography.

A report by Kaspersky, an international software security group, says India ranks fourth in the list of hacked servers available for sale via xDedic marketplace, which listed 3,488 Indian servers for sale as of May 2016.

Highly skilled fraudsters can get hold of personal information through a process of virus-driven automation and carry out a potential theft, which can cause monetary or reputation loss. Hackers can also spy ware on a PC to attempt to destroy the infrastructure of a particular network.

The data, once procured, is leaked for an amount or used to conduct fraudulent transactions online without the knowledge of the real owner of the account.

Play it safe"Once it is out there, it is out there. There is nothing one can do," says AppKnox Co-Founder & CMO Prateek Panda. AppKnox is an automated testing tool for application developers and enterprises that help them identify and fix security loopholes in applications.

Individuals can take a host of simple measures such as ensuring password are tough to decode and include a combination of numbers, letters and symbols to protect their online accounts. Saving passwords on computers that have multiple users, email account as well on online payment wallets could pose a potential threat and must be avoided. Usage of public wi-fi should also be done with extreme caution, and only on devices that have a strong anti-malware installed.

Keeping a close check on financial accounts on a regular basis is also a way to ensure safety against cyber frauds. Ignoring fishy pop-ups can also ensure no unwanted malware loaded on the computer system accidentally.

Email services companies offering cloud service also offer the option of a two-step verification, which requires the user to enter his or her password and a verification code sent via SMS before being able to log on an online account. Opting for a two-step verification process could deter a potential hack.

Legal recourse?The Information Technology Act of India states that when a cyber crime has been committed, it has a global jurisdiction and a complaint can be filed at any cyber cell. The victim can first file the complaint from any cyber cell of any of the cities and also send direct email on cyber cell police stations located in 21 cities.

However, Panda believes that India's battle against cyber crimes is a lost cause because of open-ended and obsolete cyber laws. He says strong laws, proper policy guidelines for businesses to follow and security audits both internal and external are the only ways to fight against cyber crimes.

Cyber law expert and Supreme Court lawyer, Pavan Duggal says laws pertaining to cyber crime are caught in a historic time warp with cyber crime legal provisions introduced only in 2000s, and amended last in 2008. "India requires distinct dedicated cyber crime courts whose only job would be to deal with cyber crime matters for expeditious disposal of cases," says Duggal. He believes only a time-bound approach in addressing cyber crime issues will instil Indian consumers' sentiment towards being protected against such crimes.

Duggal believes a majority of businesses are not sensitized on issues a consumer face when they are made targets of cyber criminal activity, and only proactive compliances mandated under law will compel businesses to adopt security measures. "We are thoroughly ill-aware and ill-equipped to understand the ramifications of cyber security breaches and India lacks the culture of cyber security," he says.

"The onus of protection against cyber threats lies not only on the government, but also on businesses and consumers" says of cyber security company Lucideus Tech, CEO, Saket Modi. He believes a culture to comprehend the digital world needs to be developed in the education system. "The fundamental framework for which you require training is missing in schools," says Modi. However, he adds that businesses are much more eager to address potential cyber threats now, compared to a year ago.

Panda says businesses in India, at this stage, do not find the threat of cyber hacking worrisome. "Often the response from companies is how many people can do that," Panda said.